login
person_add
Korean
Dark Mode Light Mode
Instagram Threads Tiktok Youtube NAVER TV
loginLogin
person_addRegister
Korean한국어
Dark Mode Light Mode
Popular Searches
Trending Now

Get the Hottest Updates

Privacy Policy

Article 1 : Purpose

72dot (hereinafter referred to as the ‘Company’) establishes this Privacy Policy (hereinafter referred to as ‘this Policy’) to protect the information (hereinafter referred to as ‘Personal Information’) of individuals (hereinafter referred to as ‘User’ or ‘Individual’) who use the IFFFAI website (hereinafter referred to as the ‘Website’) that the Company intends to provide, to comply with relevant laws and regulations such as the 「Personal Information Protection Act」 and the 「Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.」(hereinafter referred to as the ‘Information and Communications Network Act’), and to promptly and smoothly handle grievances related to the protection of users’ personal information.

Article 2 : Principles of Personal Information Processing

In accordance with relevant personal information laws and this Policy, the Company may collect users’ personal information, and collected personal information may be provided to third parties only with the individual’s consent. However, if legally compelled by provisions of laws and regulations, the Company may provide collected user personal information to a third party without prior consent from the individual.

Article 3 : Disclosure of this Policy

  1. The Company discloses this Policy through the first page of the Company’s website or a connecting screen from the first page so that users can easily check this Policy at any time.
  2. When disclosing this Policy in accordance with Paragraph 1, the Company shall utilize font size, color, etc., to enable users to easily check this Policy.

Article 4 : Changes to this Policy

  1. If the Company revises this Policy, it will notify users through one or more of the following methods:
    1. Notification through the notice section of the first screen of the internet homepage operated by the Company or through a separate window.
    2. Notification to users by means of written documents, facsimile transmission, email, or similar methods.
  2. The Company will provide notice as per Paragraph 1 at least 7 days before the effective date of the revision of this Policy. However, if there are important changes to user rights, notice will be given at least 30 days in advance.

Article 5 : Information for Member Registration

The Company collects the following information for website membership registration:

  1. Mandatory collected information: Email address, password, and nickname
  2. Optional collected information: Name, profile picture (when using social login)

Article 6 : Methods of Collecting Personal Information

The Company collects users’ personal information in the following ways:

  1. When the user enters their personal information on the Company’s homepage.
  2. When the user enters their personal information through services other than the Company’s homepage provided by the Company, such as applications.
  3. When the user logs in (registers) through their social media account (Google/Kakao).

Article 7 : Use of Personal Information

The Company uses collected personal information for the following purposes:

  1. When necessary for Company operations, such as delivering notices.
  2. For service improvement for users, such as responding to inquiries and handling complaints.
  3. To provide the Company’s services.
  4. For measures to restrict use for members who violate laws and Company terms and conditions, and for preventing and sanctioning acts that interfere with the smooth operation of the service, including fraudulent use.
  5. Sending emails for password resets (to minimize personal information, authentication methods via mobile phone/certificate are not used).

Article 8 : Retention and Use Period of Personal Information

  1. The Company retains and uses the user’s personal information until the purpose of collecting and using personal information is achieved.
  2. Notwithstanding the preceding paragraph, according to internal policy, records of service misuse are stored for a maximum of 1 year from the time of membership withdrawal to prevent fraudulent registration and use.

Article 9 : Retention and Use Period According to Relevant Laws and Regulations

The Company retains and uses personal information as follows in accordance with relevant laws and regulations:

  1. Information retained and retention period according to the 「Act on Consumer Protection in Electronic Commerce, etc.」
    1. Records on contracts or withdrawal of offers, etc.: 5 years
    2. Records on payment and supply of goods, etc.: 5 years
    3. Records on consumer complaints or dispute resolution: 3 years
    4. Records on display/advertisement: 6 months
  2. Information retained and retention period according to the 「Protection of Communications Secrets Act」
    1. Website log records: 3 months
  3. Information retained and retention period according to the 「Electronic Financial Transactions Act」
    1. Records on electronic financial transactions: 5 years
  4. 「Act on the Protection and Use of Location Information」
    1. Records on personal location information: 6 months

Article 10 : Principle of Personal Information Destruction

In principle, when personal information is no longer necessary, such as when the purpose of processing the user’s personal information has been achieved or the retention/use period has expired, the Company will destroy the information without delay.

Article 11 : Personal Information Destruction Procedure

  1. Information entered by the user for membership registration, etc., is transferred to a separate DB (or a separate filing cabinet in the case of paper) after the purpose of processing personal information is achieved, and is stored for a certain period according to internal policies and other information protection reasons under relevant laws (see Articles 8 and 9) before being destroyed.
  2. The Company destroys personal information for which a reason for destruction has occurred after undergoing an approval procedure by the personal information protection officer.

Article 12 : Method of Personal Information Destruction

The Company deletes personal information stored in electronic file format using a technical method that makes records irreproducible, and personal information printed on paper is destroyed by shredding or incineration.

Article 13 : Measures for Transmitting Advertising Information

  1. When transmitting commercial advertising information using electronic transmission media, the Company obtains explicit prior consent from the user. However, prior consent is not obtained in any of the following cases:
    1. Where the Company has directly collected contact information from the recipient through a transaction relationship for goods, etc., and intends to transmit commercial advertising information for the same type of goods, etc., that the Company processed and transacted with the recipient within 6 months from the date the transaction ended.
    2. Where a telemarketer under the 「Act on Door-to-Door Sales, etc.」 informs the recipient of the source of personal information collection by voice and solicits by telephone.
  2. Notwithstanding the preceding paragraph, if the recipient expresses refusal to receive or withdraws prior consent, the Company will not transmit commercial advertising information and will inform the recipient of the results of processing the refusal to receive and withdrawal of consent.
  3. When transmitting commercial advertising information using electronic transmission media between 9 PM and 8 AM the next day, the Company shall obtain separate prior consent from the recipient, notwithstanding Paragraph 1.
  4. When transmitting commercial advertising information using electronic transmission media, the Company shall specifically state the following matters in the advertising information:
    1. Company name and contact information
    2. Matters concerning the expression of refusal to receive or withdrawal of consent to receive
  5. When transmitting commercial advertising information using electronic transmission media, the Company shall not take any of the following measures:
    1. Measures to avoid or interfere with the recipient’s refusal to receive or withdrawal of consent for advertising information.
    2. Measures to automatically generate the recipient’s contact information, such as telephone numbers or email addresses, by combining numbers, symbols, or characters.
    3. Measures to automatically register telephone numbers or email addresses for the purpose of transmitting commercial advertising information.
    4. Various measures to conceal the identity of the sender of advertising information or the source of advertisement transmission.
    5. Various measures to induce a response from the recipient by deception for the purpose of transmitting commercial advertising information.

Article 14 : Inquiry and Withdrawal of Consent for Collection of Personal Information

  1. Users and their legal representatives may at any time inquire about or modify their registered personal information and may request withdrawal of consent for the collection of personal information.
  2. To withdraw consent for the collection of their registration information, users and their legal representatives should contact the personal information protection officer or the person in charge by letter, phone, or email, and the Company will take necessary measures without delay.

Article 15 : Correction of Personal Information, etc.

  1. Users may request the Company to correct errors in their personal information using the method specified in Article 14, Paragraph 2.
  2. In the case of the preceding paragraph, the Company will not use or provide the personal information until the correction is completed, and if incorrect personal information has already been provided to a third party, the Company will notify the third party of the correction result without delay so that the correction can be made.

Article 16 : User’s Obligations

  1. Users must keep their personal information up-to-date, and the user is responsible for any problems arising from incorrect information entered by the user.
  2. Membership registration using another person’s personal information may result in loss of user qualification or punishment according to relevant personal information protection laws.
  3. Users are responsible for maintaining the security of their email addresses, passwords, etc., and may not transfer or lend them to third parties.

Article 17 : Company’s Management of Personal Information

In processing users’ personal information, the Company devises necessary technical and managerial safeguards to ensure safety so that personal information is not lost, stolen, leaked, forged, altered, or damaged.

Article 18 : Processing of Deleted Information

Personal information that has been terminated or deleted at the request of the user or legal representative is processed according to the ‘Retention and Use Period of Personal Information in Article 8’ and ‘Retention and Use Period According to Relevant Laws and Regulations in Article 9’, and is processed so that it cannot be viewed or used for other purposes.

Article 19 : Encryption of Passwords

User passwords are stored and managed by one-way encryption, and confirmation and modification of personal information are possible only by the user who knows the password.

Article 20 : Countermeasures Against Hacking, etc.

  1. The Company does its best to prevent users’ personal information from being leaked or damaged by hacking, computer viruses, or other intrusions into the information and communications network.
  2. The Company uses the latest anti-virus programs to prevent users’ personal information or data from being leaked or damaged.
  3. The Company does its best in security measures using an intrusion prevention system to prepare for any eventuality.
  4. In the case of sensitive personal information, the Company ensures that it can be transmitted securely over the network through encrypted communication.

Article 21 : Minimization of Personal Information Processing and Education

The Company limits the number of personnel handling personal information to a minimum and emphasizes compliance with laws, regulations, and internal policies through managerial measures such as education for personal information handlers.

Article 22 : Measures in Case of Personal Information Leakage, etc.

When the Company becomes aware of the fact of loss, theft, or leakage (hereinafter referred to as ‘leakage, etc.’) of personal information, it will notify the relevant user of all of the following items without delay and report to the Korea Communications Commission or the Korea Internet & Security Agency.

  1. Items of personal information that were leaked, etc.
  2. The time when the leakage, etc., occurred.
  3. Measures that the user can take.
  4. Response measures of the information and communication service provider, etc.
  5. Department and contact information where users can submit inquiries, etc.

Article 23 : Exceptions to Measures for Personal Information Leakage, etc.

Notwithstanding the preceding article, if there is a justifiable reason, such as not knowing the user’s contact information, the Company may substitute the notification of the preceding article by posting it on the Company’s homepage for 30 days or more.

Article 24 : Matters Concerning the Installation and Operation of Automatic Personal Information Collection Devices and Their Rejection

  1. To provide personalized services to users, the Company uses automatic personal information collection devices (hereinafter referred to as ‘cookies’) that store and frequently retrieve usage information. Cookies are small amounts of information that the server (http) used to operate the website sends to the user’s web browser (including PC and mobile) and are sometimes stored in the user’s storage space.
  2. Users have the option to install cookies. Therefore, users can set options in their web browser to allow all cookies, to confirm each time a cookie is saved, or to refuse to save all cookies.
  3. However, if you refuse to store cookies, you may experience difficulties using some of the Company’s services that require login.

Article 25 : How to Specify Cookie Installation Permission

You can set cookie permission, cookie blocking, etc., through browser option settings.

  1. For Desktop Chrome: Select ⋮ at the top right of the desktop browser > New Incognito window (Shortcut: Ctrl+Shift+N)
  2. For Desktop Edge: Select … at the top right of the desktop browser > New InPrivate window (Shortcut: Ctrl+Shift+N)
  3. For Mobile Chrome: Select … at the bottom right of the mobile browser > New Incognito tab
  4. For Mobile Safari: Mobile device Settings > Safari > Advanced > Block All Cookies
  5. For Mobile Samsung Internet: Select ‘Tabs’ icon at the bottom of the mobile browser > Turn on Secret mode > Start

Article 26 : Designation of the Company’s Personal Information Protection Officer

To protect users’ personal information and handle complaints related to personal information, the Company designates the relevant department and personal information protection officer as follows:

  1. Name: Park Young-dae
  2. Position: Information Processing Manager
  3. Phone number: 02-3443-9172
  4. Email: hi@ifffai.com

Article 27 : Remedies for Infringement of Rights and Interests

  1. Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency (KISA) Personal Information Infringement Report Center, etc., to receive relief from personal information infringement. For other reports and consultations on personal information infringement, please contact the institutions below.
    1. Personal Information Dispute Mediation Committee: (No area code) 1833-6972 www.kopico.go.kr
    2. Personal Information Infringement Report Center: (No area code) 118 privacy.kisa.or.kr
    3. Supreme Prosecutors’ Office: (No area code) 1301 www.spo.go.kr
    4. National Police Agency: (No area code) 182 cyber.go.kr
  2. The Company guarantees the data subject’s right to self-determination regarding personal information and endeavors to provide consultation and relief for damages due to personal information infringement. If you need to report or consult, please contact the personal information protection officer or the responsible department indicated in Article 26.
  3. A person whose rights or interests have been infringed by a disposition or omission made by the head of a public institution in response to a request under Article 35 (Access to Personal Information), Article 36 (Correction or Deletion of Personal Information), or Article 37 (Suspension of Processing of Personal Information, etc.) of the 「Personal Information Protection Act」 may file an administrative appeal as prescribed by the 「Administrative Appeals Act」.
    1. Central Administrative Appeals Commission: (No area code) 110 simpan.go.kr

Article 28 : Addendum

  1. This Policy shall take effect on June 1, 2025.